# # This file is managed by Salt! Do not edit by hand! # {# Define default values here so the template below can just focus on layout #} {% set sitename = site.get('ServerName', id) %} {% set vals = { 'interfaces': site.get('interface', '*').split(), 'port': site.get('port', '80'), 'ServerName': sitename, 'ServerAlias': site.get('ServerAlias', ''), 'ServerAdmin': site.get('ServerAdmin', 'webmaster@{0}'.format(sitename)), 'UseCanonicalName': site.get('UseCanonicalName'), 'LogLevel': site.get('LogLevel', 'warn'), 'ErrorLog': site.get('ErrorLog', '{0}/{1}-error.log'.format(map.logdir, sitename)), 'LogFormat': site.get('LogFormat', '"%a %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\""'), 'CustomLog': site.get('CustomLog', '{0}/{1}-access.log'.format(map.logdir, sitename)), 'ProxyRequests': site.get('ProxyRequests', 'Off'), 'ProxyPreserveHost': site.get('ProxyPreserveHost', 'On'), 'ProxyRoute': site.get('ProxyRoute', {}), 'Location': { 'Order': 'allow,deny', 'Allow': 'from all', 'Require': 'all granted', }, 'LocationMatch': { 'Order': 'allow,deny', 'Allow': 'from all', 'Require': 'all granted', }, } %} ServerName {{ vals.ServerName }} {% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %} {% if site.get('ServerAdmin') != False %}ServerAdmin {{ vals.ServerAdmin }}{% endif %} {% if site.get('UseCanonicalName') %}UseCanonicalName {{ vals.UseCanonicalName }}{% endif %} {% if site.get('LogLevel') != False %}LogLevel {{ vals.LogLevel }}{% endif %} {% if site.get('ErrorLog') != False %}ErrorLog {{ vals.ErrorLog }}{% endif %} {% if site.get('LogFormat') != False -%}LogFormat {{ vals.LogFormat }}{% endif %} {% if site.get('CustomLog') != False -%}LogFormat {{ vals.LogFormat }} {{ sitename }} CustomLog {{ vals.CustomLog }} {{ sitename }}{% endif %} {% if site.get('SSLCertificateFile') %}SSLEngine on SSLCertificateFile {{ site.SSLCertificateFile }} {% if site.get('SSLCertificateKeyFile') %}SSLCertificateKeyFile {{ site.SSLCertificateKeyFile }}{% endif %} {% if site.get('SSLCertificateChainFile') %}SSLCertificateChainFile {{ site.SSLCertificateChainFile }}{% endif %} {% endif %} {% if site.get('Rewrite') %}RewriteEngine on {{ site.Rewrite }} {% endif %} {% if site.get('SSLProxyEngine') %}SSLProxyEngine {{ site.SSLProxyEngine }}{% endif %} ProxyRequests {{ vals.ProxyRequests }} ProxyPreserveHost {{ vals.ProxyPreserveHost }} {% if site.get('ProxyErrorOverride') %}ProxyErrorOverride {{ site.ProxyErrorOverride }} {% endif %} {% if site.get('ProxyErrorDir') %}ProxyPass /{{ site.ProxyErrorDir }}/ ! {% endif %} {% for proxy, proxyargs in vals.ProxyRoute|dictsort|reverse %} {% set proxyvals = { 'ProxyPassSource': proxyargs.get('ProxyPassSource', '/'), 'ProxyPassTarget': proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename)), 'ProxyPassTargetOptions': proxyargs.get('ProxyPassTargetOptions', ''), 'ProxyPassReverseSource': proxyargs.get('ProxyPassReverseSource', '/'), 'ProxyPassReverseTarget': proxyargs.get('ProxyPassReverseTarget', proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename))), } %} ######### {{proxy}} ######### ProxyPass {{ proxyvals.ProxyPassSource }} {{ proxyvals.ProxyPassTarget }} {{ proxyvals.ProxyPassTargetOptions }} ProxyPassReverse {{ proxyvals.ProxyPassReverseSource }} {{ proxyvals.ProxyPassReverseTarget }} {% endfor %} {% for path, loc in site.get('Location', {}).items() %} {% set lvals = { 'Order': loc.get('Order', vals.Location.Order), 'Allow': loc.get('Allow', vals.Location.Allow), 'Require': loc.get('Require', vals.Location.Require), 'Dav': loc.get('Dav', False), } %} {% if apache.version == '2.4' %} {% if lvals.get('Require') != False %}Require {{ lvals.Require }}{% endif %} {% else %} {% if lvals.get('Order') != False %}Order {{ lvals.Order }}{% endif %} {% if lvals.get('Allow') != False %}Allow {{ lvals.Allow }}{% endif %} {% endif %} {% if loc.get('Formula_Append') %} {{ loc.Formula_Append|indent(8) }} {% endif %} {% endfor %} {% for regpath, locmat in site.get('LocationMatch', {}).items() %} {% set lmvals = { 'Order': locmat.get('Order', vals.LocationMatch.Order), 'Allow': locmat.get('Allow', vals.LocationMatch.Allow), 'Require': locmat.get('Require', vals.LocationMatch.Require), 'Dav': locmat.get('Dav', False), } %} {% if apache.version == '2.4' %} {% if lmvals.get('Require') != False %}Require {{ lmvals.Require }}{% endif %} {% else %} {% if lmvals.get('Order') != False %}Order {{ lmvals.Order }}{% endif %} {% if lmvals.get('Allow') != False %}Allow {{ lmvals.Allow }}{% endif %} {% endif %} {% if locmat.get('Formula_Append') %} {{ locmat.Formula_Append|indent(8) }} {% endif %} {% endfor %} {% for proxypath, prox in site.get('Proxy_control', {}).items() %} {% set proxvals = { 'AllowAll': prox.get('AllowAll', vals.AllowAll), 'AllowCountry': prox.get('AllowCountry', vals.AllowCountry), 'AllowIP': prox.get('AllowIP', vals.AllowIP), } %} {% if proxvals.get('AllowAll') != False %} Require all granted {% else %} {% if proxvals.get('AllowCountry') != False %}{% set country_list = proxvals.get('AllowCountry', {}) %}GeoIPEnable On {% for every_country in country_list %}SetEnvIf GEOIP_COUNTRY_CODE {{ every_country }} AllowCountry {% endfor %}Require env AllowCountry {% endif %} {% if proxvals.get('AllowIP') is defined %} {% set ip_list = proxvals.get('AllowIP', {}) %} Require ip {% for every_ip in ip_list %}{{ every_ip }} {% endfor %} {% endif %} {% endif %} {% endfor %} {% if site.get('Formula_Append') %} {{ site.Formula_Append|indent(4) }} {% endif %}